Android Malware Shows Why Security Risk Is the Price of Freedom

By Wayne Rash  |  Posted 2011-03-07

Android Malware Shows Why Security Risk Is the Price of Freedom

The news that Google is remotely removing 58 malicious applications from Android devices shows that opening up the supply of software to a variety of sources has its risks, including malware similar to what has been infecting Windows for years.  

To many, it's good news that Google is able to remove this malware by remote control-although some Android users have told me that they don't like the fact that Google can "invade" their phones and pull things off without telling them first. 

The fact that malware is appearing on Android devices shouldn't be a surprise to anyone. Google has been fairly relaxed about screening its Android Market, and as a result some infected applications have found their way into the Market. But in the case of Android, there are other risks. Android devices also give you the ability to download apps from third party sources-places that aren't part of the Android Market. You have to make a selection from a menu on the device to allow this, but it's not exactly difficult. 

I'm sure there are many out there who will suggest that this makes Android devices less useful in the enterprise than, say, Apple or BlackBerry devices. The fact is, the usefulness balances out. If you need to create an application for internal use, it's a lot easier to get one on to your Android devices than to do the same thing with BlackBerry and Apple devices. The freedom to load applications from anywhere gives Android devices significant flexibility that you don't get with other devices. 

So on one hand you have greater flexibility, but on the other hand you have greater risk. But that doesn't mean that Android is the only mobile platform with risks from malware. There's already a variant of the Zeus Trojan, named Zitmo, attacking BlackBerry devices that apparently comes from visiting infected Websites or from infected e-mails. 

Meanwhile, security researchers are finding evidence of iPhone malware prototypes, so it's only a matter of time before we start hearing of iPhone, iPad and iPod Touch infections as well. These won't be coming from Apple's App Store, just as the BlackBerry App World probably isn't sending out malware-infected software. 

But the point is that you don't need to be sending out infected software to load malware on a mobile device. You just have to get someone to visit an infected Website or open an infected e-mail. This works just as effectively regardless of what brand of mobile device you're running.  

All Smartphone Users Need to Take Precautions


The problem is worse with mobile devices because security software hasn't been a priority for mobile users. Everyone realizes that PCs running Windows are a target because computer viruses started showing up years ago. Of course, nearly everyone has heard the painful tales of just how much grief a malware infection causes. But nobody thinks much about security on Apple products because the Macintosh has been relatively free for quite a while. The same is true about BlackBerry devices, which don't have a PC version. 

But the fact is that the numbers of mobile devices are in the millions. These devices may be small, but they're fully functional computers with multiple paths for communications and they effectively insulate their users from the details of the operating system. This means that malware can invade your mobile device and you may never know. Or at least you won't know until Zitmo passes your banking information along to the Bad Guys. 

The solution, of course, is to install security software on your mobile device just as you do on your computer. In addition, you need to avoid the temptation to open e-mails that look suspicious, instead erasing them without opening. And, of course, you need to avoid visiting questionable Websites. It's easy to fool yourself into thinking that the malware in these e-mails and on those Websites will only affect your PC, but you'd be wrong. 

There was a time I'd use my BlackBerry as a means of screening e-mails before I opened them on my computer. I knew that Windows malware would never run on that device, so I assumed that I was safe. Now that I know better, I simply erase suspicious messages without opening them. I still use my BlackBerry to do that, if only because BlackBerry malware is much more rare than Windows malware. But I also back up my BlackBerry so that if something bad infects it, I can simply blast the whole thing away and reload it. 

But the risk to Android and non-Android devices will continue to grow. With Android devices you have a larger number of infection vectors than you do with Apple or RIM devices, but that doesn't mean that those devices are free from any risk, because they're not. Ultimately, the malware purveyors are going to see those millions of iPhones and those millions of BlackBerrys, and see very fertile ground. And that means that they're going to be coming after those devices in increasing numbers.

Rocket Fuel